| | 103.158.37.203 | 200 OK | 82 B |
URL: (user request) GET HTTP/1.1 | IP: 103.158.37.203:80 | ASN: #142032 High Family Technology Co., Limited
File type: HTML document, ASCII text, with no line terminators
MD5: 4f3007cbc7a7a66ce056941a01b98cb4 | SHA-1: 3f037065a973fc6a9a217eb71dba73060366b744 | SHA-256: f72b8af72714d8c81bb716731265739bb54f3b5ef50c1b0651fa5dced0422079
Analyzer: OpenPhish | Verdict: phishing | Alert: AEON Financial Service
GET / HTTP/1.1
Host: www.dgz84.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 18:56:08 GMT
Content-Type: text/html
Content-Length: 82
Last-Modified: Sun, 07 Jan 2024 07:32:44 GMT
Connection: keep-alive
ETag: "659a539c-52"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

| | 103.158.37.203 | 200 OK | 82 B |
URL: (user request) GET HTTP/1.1 | IP: 103.158.37.203:80 | ASN: #142032 High Family Technology Co., Limited
File type: HTML document, ASCII text, with no line terminators
MD5: 4f3007cbc7a7a66ce056941a01b98cb4 | SHA-1: 3f037065a973fc6a9a217eb71dba73060366b744 | SHA-256: f72b8af72714d8c81bb716731265739bb54f3b5ef50c1b0651fa5dced0422079
Analyzer: OpenPhish | Verdict: phishing | Alert: AEON Financial Service
GET / HTTP/1.1
Host: www.dgz84.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 18:56:09 GMT
Content-Type: text/html
Content-Length: 82
Last-Modified: Sun, 07 Jan 2024 07:32:44 GMT
Connection: keep-alive
ETag: "659a539c-52"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

| www.dgz84.com/static/js/it.js?t=1 | 103.158.37.203 | 200 OK | 497 B |
URL: GET HTTP/1.1 www.dgz84.com/static/js/it.js?t=1 | IP: 103.158.37.203:80 | ASN: #142032 High Family Technology Co., Limited
File type: HTML document, ASCII text, with very long lines (377)
MD5: dbbee82f02572bbbd2309cbd2fb9e482 | SHA-1: cc473b347f5ba0cb354fdd319b5894f41585fbdd | SHA-256: 8b968f3e4a66916f0013b051f3f29211dd6ff54863f2aeb11a72e93238a5c709
GET /static/js/it.js?t=1 HTTP/1.1
Host: www.dgz84.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 18:56:09 GMT
Content-Type: application/javascript
Last-Modified: Mon, 19 Jun 2023 12:27:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"649049ae-4ce"
Expires: Sat, 20 Apr 2024 06:56:09 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

| www.dgz84.com/ResourceConfig/urlConfig.json | 103.158.37.203 | 200 OK | 976 B |
URL: GET HTTP/1.1 www.dgz84.com/ResourceConfig/urlConfig.json | IP: 103.158.37.203:80 | ASN: #142032 High Family Technology Co., Limited
File type: Unicode text, UTF-8 text, with CRLF line terminators
MD5: bee50249b0a076b83f30088c17abb979 | SHA-1: ff3b93764a5cef58469e4d9fbe9641805aa457ca | SHA-256: 67bf455b6872cc13447346711aa6c61cee929504601a4b804c2174de9304f1a7
Analyzer: OpenPhish | Verdict: phishing | Alert: AEON Financial Service
GET /ResourceConfig/urlConfig.json HTTP/1.1
Host: www.dgz84.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 18:56:10 GMT
Content-Type: application/json
Content-Length: 976
Last-Modified: Wed, 28 Feb 2024 06:49:26 GMT
Connection: keep-alive
ETag: "65ded776-3d0"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

| www.dgz84.com/static/css/common.css | 103.158.37.203 | 200 OK | 97 kB |
URL: GET HTTP/1.1 www.dgz84.com/static/css/common.css | IP: 103.158.37.203:80 | ASN: #142032 High Family Technology Co., Limited
File type: Unicode text, UTF-8 text, with very long lines (2257), with CRLF line terminators
MD5: 2aa2a3f2fdc403bcb436c87da01ec230 | SHA-1: 1c38fb18788894321344499a568f1f8af4d572c7 | SHA-256: 12dc3f78238c4a96da3aebe29850ad014fb9ba2eaa7d39d85b583def625c4178
Analyzer: OpenPhish | Verdict: phishing | Alert: AEON Financial Service
GET /static/css/common.css HTTP/1.1
Host: www.dgz84.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 18:56:10 GMT
Content-Type: text/css
Last-Modified: Mon, 26 Jun 2023 13:07:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"64998d7e-8f3f8"
Expires: Sat, 20 Apr 2024 06:56:10 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

| www.dgz84.com/static/js/axios.js | 103.158.37.203 | 200 OK | 13 kB |
URL: GET HTTP/1.1 www.dgz84.com/static/js/axios.js | IP: 103.158.37.203:80 | ASN: #142032 High Family Technology Co., Limited
File type: JavaScript source, ASCII text
MD5: 1eb8e8e2284670dc214a3e70c25992b8 | SHA-1: 94ece417aa560aa8de906e8f54c0985da90364cc | SHA-256: 96b65382c74cd6255d4628044c5394f2ef3f0662d7d72b10f1bceb50b6ee5455
Analyzer: OpenPhish | Verdict: phishing | Alert: AEON Financial Service
GET /static/js/axios.js HTTP/1.1
Host: www.dgz84.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 18:56:10 GMT
Content-Type: application/javascript
Last-Modified: Sat, 10 Nov 2018 04:07:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5be65996-a6f0"
Expires: Sat, 20 Apr 2024 06:56:10 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

| www.dgz84.com/static/js/jquery-ui.js | 103.158.37.203 | 200 OK | 612 B |
URL: GET HTTP/1.1 www.dgz84.com/static/js/jquery-ui.js | IP: 103.158.37.203:80 | ASN: #142032 High Family Technology Co., Limited
File type: ASCII text, with very long lines (1005), with CRLF, LF line terminators
MD5: fa70ef9b3baeefa50d352deda10d2458 | SHA-1: 16b8b84ed9c17ee2d76f58c1112c5013ad76a7a7 | SHA-256: 4fbae71f6f85ef949f46695d0a4935b278fb4a1c702e6b5e873cf802f7a61419
Analyzer: OpenPhish | Verdict: phishing | Alert: AEON Financial Service
GET /static/js/jquery-ui.js HTTP/1.1
Host: www.dgz84.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 18:56:10 GMT
Content-Type: application/javascript
Last-Modified: Thu, 09 Mar 2023 07:28:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"64098a92-5a4"
Expires: Sat, 20 Apr 2024 06:56:10 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

| www.dgz84.com/static/image/loading.gif | 103.158.37.203 | 200 OK | 61 kB |
URL: GET HTTP/1.1 www.dgz84.com/static/image/loading.gif | IP: 103.158.37.203:80 | ASN: #142032 High Family Technology Co., Limited
File type: GIF image data, version 89a, 800 x 800
MD5: 1e8464494e154c52fc4866dc185bfacd | SHA-1: f3625bb8360030f037381a33daaa96ff836b3227 | SHA-256: 4f21bb5f9035ebc23018660d3fa61bf1fc6fb14f383dc0a17dd91bc421ed861c
Analyzer: OpenPhish | Verdict: phishing | Alert: AEON Financial Service
GET /static/image/loading.gif HTTP/1.1
Host: www.dgz84.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 18:56:10 GMT
Content-Type: image/gif
Content-Length: 61320
Last-Modified: Mon, 19 Jun 2023 12:09:30 GMT
Connection: keep-alive
ETag: "6490457a-ef88"
Expires: Sun, 19 May 2024 18:56:10 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

| www.dgz84.com/static/js/ResourceRedConfig.js | 103.158.37.203 | 200 OK | 4.8 kB |
URL: GET HTTP/1.1 www.dgz84.com/static/js/ResourceRedConfig.js | IP: 103.158.37.203:80 | ASN: #142032 High Family Technology Co., Limited
File type: ASCII text, with very long lines (6275)
MD5: 620e09ba3ac2009c1e51515435a1d829 | SHA-1: 00b7a71439ed6d10a72f84c41aae17e7781d7d2a | SHA-256: afb3c907789818d025bf475383b3b67434e959b5e3b7722b78c7ed4d424d2d59
Analyzer: OpenPhish | Verdict: phishing | Alert: AEON Financial Service
GET /static/js/ResourceRedConfig.js HTTP/1.1
Host: www.dgz84.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 18:56:11 GMT
Content-Type: application/javascript
Last-Modified: Mon, 18 Mar 2024 16:11:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65f867c6-2dd4"
Expires: Sat, 20 Apr 2024 06:56:11 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

| www.dgz84.com/favicon.ico | 103.158.37.203 | 404 Not Found | 146 B |
URL: GET HTTP/1.1 www.dgz84.com/favicon.ico | IP: 103.158.37.203:80 | ASN: #142032 High Family Technology Co., Limited
File type: HTML document, ASCII text, with CRLF line terminators
MD5: 8eec510e57f5f732fd2cce73df7b73ef | SHA-1: 3c0af39ecb3753c5fee3b53d063c7286019eac3b | SHA-256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer: OpenPhish | Verdict: phishing | Alert: AEON Financial Service
GET /favicon.ico HTTP/1.1
Host: www.dgz84.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 19 Apr 2024 18:56:12 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

| www.jpcsalarak9243.com/click/queryIpClick | 134.122.148.74 | 200 OK | 0 B |
URL: GET HTTP/2 www.jpcsalarak9243.com/click/queryIpClick | IP: 134.122.148.74:443 | ASN: #64050 BGPNET Global ASN
Certificate: Issuer: Let's Encrypt | Subject: www.jpcsalarak9243.com | Fingerprint: AF:C3:BC:7C:CF:E9:25:F8:32:82:FD:45:77:68:9E:8C:6F:90:F1:94 | Validity: Sun, 31 Mar 2024 17:31:18 GMT - Sat, 29 Jun 2024 17:31:17 GMT
MD5: d41d8cd98f00b204e9800998ecf8427e | SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (empty body)
OPTIONS /click/queryIpClick HTTP/1.1
Host: www.jpcsalarak9243.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: sink,sinks
Referer: http://www.dgz84.com/
Origin: http://www.dgz84.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 18:56:14 GMT
content-type: text/plain;charset=utf-8
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, DELETE
access-control-max-age: 3600
access-control-allow-headers: *
X-Firefox-Spdy: h2

| www.jpcsalarak9243.com/click/queryIpClick | 134.122.148.74 | 200 OK | 0 B |
URL: GET HTTP/2 www.jpcsalarak9243.com/click/queryIpClick | IP: 134.122.148.74:443 | ASN: #64050 BGPNET Global ASN
Certificate: Issuer: Let's Encrypt | Subject: www.jpcsalarak9243.com | Fingerprint: AF:C3:BC:7C:CF:E9:25:F8:32:82:FD:45:77:68:9E:8C:6F:90:F1:94 | Validity: Sun, 31 Mar 2024 17:31:18 GMT - Sat, 29 Jun 2024 17:31:17 GMT
MD5: d41d8cd98f00b204e9800998ecf8427e | SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (empty body)
GET /click/queryIpClick HTTP/1.1
Host: www.jpcsalarak9243.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
sink: ITPOST2
sinks: 2
Origin: http://www.dgz84.com
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 18:56:15 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, DELETE
access-control-max-age: 3600
access-control-allow-headers: *
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: MISS
X-Firefox-Spdy: h2

| www.jpcsalarak9243.com/websocket/2e03a3b3a61971bd375aac43fcf616cd | 134.122.148.74 | | 0 B |
URL: www.jpcsalarak9243.com/websocket/2e03a3b3a61971bd375aac43fcf616cd | IP: 134.122.148.74:0 | ASN: #64050 BGPNET Global ASN
Certificate: Issuer: Let's Encrypt | Subject: www.jpcsalarak9243.com | Fingerprint: AF:C3:BC:7C:CF:E9:25:F8:32:82:FD:45:77:68:9E:8C:6F:90:F1:94 | Validity: Sun, 31 Mar 2024 17:31:18 GMT - Sat, 29 Jun 2024 17:31:17 GMT
MD5: d41d8cd98f00b204e9800998ecf8427e | SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (empty body)
GET /websocket/2e03a3b3a61971bd375aac43fcf616cd HTTP/1.1
Host: www.jpcsalarak9243.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://www.dgz84.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BX2WE4RHARLGgelQp8hTLA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101
Server: nginx
Date: Fri, 19 Apr 2024 18:56:18 GMT
Connection: upgrade
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE
Access-Control-Max-Age: 3600
Access-Control-Allow-Headers: *
Upgrade: websocket
Sec-WebSocket-Accept: gGyQeZ1k4wy5WzAFNuJI+h/5gXQ=
Sec-WebSocket-Extensions: permessage-deflate

| js.withdesk.com/b6e987ff-e8f0-4aad-85a3-4a40538707cd | 54.230.111.75 | 302 Found | 0 B |
URL: GET HTTP/2 js.withdesk.com/b6e987ff-e8f0-4aad-85a3-4a40538707cd | IP: 54.230.111.75:443
Certificate: Issuer: Amazon | Subject: js.withdesk.com | Fingerprint: AA:D9:A2:DF:C6:DD:66:69:33:9F:C7:71:5C:B0:28:7F:E3:C2:BB:E0 | Validity: Thu, 15 Feb 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT
MD5: d41d8cd98f00b204e9800998ecf8427e | SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (empty body)
GET /b6e987ff-e8f0-4aad-85a3-4a40538707cd HTTP/1.1
Host: js.withdesk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
location: https://assets.withdesk.com/js/index.js
date: Wed, 17 Apr 2024 20:47:00 GMT
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pkHNZ55HYWmwT1L5cuizo7BDgRwStO7LX_2XlrbTbg15BxBQtQyE2Q==
age: 166159
X-Firefox-Spdy: h2

| www.googletagmanager.com/gtag/js?id=AW-500395028 | 142.250.74.40 | 200 OK | 77 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=AW-500395028 | IP: 142.250.74.40:443
Certificate: Issuer: Google Trust Services LLC | Subject: *.google-analytics.com | Fingerprint: BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D | Validity: Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type: JavaScript source, ASCII text, with very long lines (2165)
MD5: 7efb702c2f537974b147ccf788ca2af9 | SHA-1: 47d94c00b1cc53d244f0cf4f7a9a9204b64761b5 | SHA-256: 5919098346e0c2fe364ed86dbfe26de38a9795104b43182e7476e5d56e2c780f
GET /gtag/js?id=AW-500395028 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 18:56:19 GMT
expires: Fri, 19 Apr 2024 18:56:19 GMT
cache-control: private, max-age=900
last-modified: Fri, 19 Apr 2024 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77435
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| www.googletagmanager.com/gtag/js?id=AW-731042320 | 142.250.74.40 | 200 OK | 77 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=AW-731042320 | IP: 142.250.74.40:443
Certificate: Issuer: Google Trust Services LLC | Subject: *.google-analytics.com | Fingerprint: BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D | Validity: Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type: JavaScript source, ASCII text, with very long lines (2165)
MD5: 700e13821cf636e93257c9fd9695cc68 | SHA-1: 8bc029311e24ff51df67a62cbc466f21709a53e2 | SHA-256: 43bac95d0ae89c3e49edf5bb784afb10bdd9ba804d9472869b0bf3482b958708
GET /gtag/js?id=AW-731042320 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 18:56:19 GMT
expires: Fri, 19 Apr 2024 18:56:19 GMT
cache-control: private, max-age=900
last-modified: Fri, 19 Apr 2024 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77436
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| www.googletagmanager.com/gtag/js?id=AW-731046610 | 142.250.74.40 | 200 OK | 77 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=AW-731046610 | IP: 142.250.74.40:443
Certificate: Issuer: Google Trust Services LLC | Subject: *.google-analytics.com | Fingerprint: BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D | Validity: Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type: JavaScript source, ASCII text, with very long lines (2165)
MD5: bfd0b61a031462d15a4de8e073edfe09 | SHA-1: 6ace1e1ba636cd65acd9b63980007f06f7633a9e | SHA-256: b617fb3066f1404f77125f775b4dc9a6f18986a04690a2cc82dcec71c2176bbd
GET /gtag/js?id=AW-731046610 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 18:56:19 GMT
expires: Fri, 19 Apr 2024 18:56:19 GMT
cache-control: private, max-age=900
last-modified: Fri, 19 Apr 2024 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77436
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| www.googletagmanager.com/gtag/js?id=AW-500327169 | 142.250.74.40 | 200 OK | 78 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=AW-500327169 | IP: 142.250.74.40:443
Certificate: Issuer: Google Trust Services LLC | Subject: *.google-analytics.com | Fingerprint: BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D | Validity: Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type: JavaScript source, ASCII text, with very long lines (2165)
MD5: 6dad4909d60d582d5ccbbc0619d8aa53 | SHA-1: f4470bc830c8dfaea2b03489bfac74c97295a13d | SHA-256: 6ad12e7ece0ab317c152901e6eb5f7eea17175e66f8f272c42ef00ea1215f67c
GET /gtag/js?id=AW-500327169 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 18:56:19 GMT
expires: Fri, 19 Apr 2024 18:56:19 GMT
cache-control: private, max-age=900
last-modified: Fri, 19 Apr 2024 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77517
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| www.googletagmanager.com/gtag/js?id=AW-731048050 | 142.250.74.40 | 200 OK | 77 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=AW-731048050 | IP: 142.250.74.40:443
Certificate: Issuer: Google Trust Services LLC | Subject: *.google-analytics.com | Fingerprint: BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D | Validity: Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type: JavaScript source, ASCII text, with very long lines (2165)
MD5: 33480314a184ea509497f8d643f3ad83 | SHA-1: 393fa21f6b469d10e687a243397a5e28b1959477 | SHA-256: 11d59575339e2357a240b8d7a39d1ae3e3c443bd67600d131a5217f30117d674
GET /gtag/js?id=AW-731048050 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 18:56:19 GMT
expires: Fri, 19 Apr 2024 18:56:19 GMT
cache-control: private, max-age=900
last-modified: Fri, 19 Apr 2024 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77435
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| www.googletagmanager.com/gtag/js?id=AW-500391275 | 142.250.74.40 | 200 OK | 78 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=AW-500391275 | IP: 142.250.74.40:443
Certificate: Issuer: Google Trust Services LLC | Subject: *.google-analytics.com | Fingerprint: BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D | Validity: Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type: JavaScript source, ASCII text, with very long lines (2165)
MD5: 64b8f4603e975e53e6244e6172496668 | SHA-1: 0afeb1e00621e2cd97daf19485eeb69221d7c99a | SHA-256: b4c18070b057b15b886345b07eba9bcf55cedec7b0df9c9f278bcfd3ae807669
GET /gtag/js?id=AW-500391275 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 18:56:19 GMT
expires: Fri, 19 Apr 2024 18:56:19 GMT
cache-control: private, max-age=900
last-modified: Fri, 19 Apr 2024 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77515
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| www.dgz84.com/static/js/ResourceConfig.js | 103.158.37.203 | 200 OK | 6.5 kB |
URL: GET HTTP/1.1 www.dgz84.com/static/js/ResourceConfig.js | IP: 103.158.37.203:80 | ASN: #142032 High Family Technology Co., Limited
MD5: 2207891cdf55e57fb90cdd2e96ad5efb | SHA-1: 952114d369cf4b270c82d8b924eb29762a3eb838 | SHA-256: 891241f00f08b8783672b07c224960b784f91f9a58424a213657322bd5ca4f88
Analyzer: OpenPhish | Verdict: phishing | Alert: AEON Financial Service
GET /static/js/ResourceConfig.js HTTP/1.1
Host: www.dgz84.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 18:56:19 GMT
Content-Type: application/javascript
Last-Modified: Thu, 21 Mar 2024 11:56:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65fc2085-7251"
Expires: Sat, 20 Apr 2024 06:56:19 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

| j.amoad.com/js/r.js | 54.230.219.236 | 200 OK | 68 B |
IP: 54.230.219.236:80
File type: JavaScript source, ASCII text
MD5: 7828f61adf7ad1815fc4ba86262a93fd | SHA-1: 01d64a1d8b9176e42b8dfab5ef8ff96c9626e858 | SHA-256: 0b554bac207c85c0a5ba8e6dc0ffbcd9f39c5fda7edd1ddc82c9612055e9c1fb
GET /js/r.js HTTP/1.1
Host: j.amoad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 18:56:19 GMT
Content-Type: application/javascript
Content-Length: 68
Connection: keep-alive
Last-Modified: Mon, 18 Mar 2024 01:28:36 GMT
ETag: "7828f61adf7ad1815fc4ba86262a93fd"
x-amz-server-side-encryption: AES256
x-amz-version-id: vTU8ZdpS2BKCBz4Sr4ym669fb_lBEo35
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xisC4d1KLCpkRteLJzJuTsRhVpqgmrC9JEDH0PG_kJR6scPTJe0xow==
Cache-Control: private, max-age=129600

| s2.nend.net/js/nendRt.js | 23.61.228.63 | 200 OK | 1 B |
IP: 23.61.228.63:443
Certificate: Issuer: DigiCert Inc | Subject: *.nend.net | Fingerprint: D4:69:90:B5:DC:FA:C0:F9:F6:4A:62:90:B1:CE:34:62:83:D9:02:46 | Validity: Sun, 20 Aug 2023 00:00:00 GMT - Tue, 20 Aug 2024 23:59:59 GMT
File type: very short file (no magic)
MD5: 68b329da9893e34099c7d8ad5cb9c940 | SHA-1: adc83b19e793491b1c6ea0fd8b46cd9f32e592fc | SHA-256: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /js/nendRt.js HTTP/1.1
Host: s2.nend.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/x-javascript
Content-Length: 1
Last-Modified: Thu, 03 Aug 2023 06:27:49 GMT
Accept-Ranges: bytes
Cache-Control: max-age=134
Expires: Fri, 19 Apr 2024 18:58:33 GMT
Date: Fri, 19 Apr 2024 18:56:19 GMT
Connection: keep-alive

| www.tfteleknteqd888.com/index.php | 121.127.245.109 | 200 OK | 97 kB |
URL: GET HTTP/2 www.tfteleknteqd888.com/index.php | IP: 121.127.245.109:443 | ASN: #64050 BGPNET Global ASN
Certificate: Issuer: Let's Encrypt | Subject: www.tfteleknteqd888.com | Fingerprint: 82:66:DB:62:4E:F0:7E:6F:D1:6D:02:F4:44:B5:1B:A6:44:63:FE:42 | Validity: Mon, 18 Mar 2024 15:11:03 GMT - Sun, 16 Jun 2024 15:11:02 GMT
File type: Unicode text, UTF-8 text, with very long lines (2257), with CRLF, CR, LF line terminators
MD5: 24f4eed6cf7aa74713093845b2ed3ee0 | SHA-1: 76e7b76d023e4a34e6af81173d7e200f836cb033 | SHA-256: fccae8a5c4726674abab69121dd6ff277d40e856abda03618924139a1a6d55ec
OPTIONS /index.php HTTP/1.1
Host: www.tfteleknteqd888.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: sink,sinks
Referer: http://www.dgz84.com/
Origin: http://www.dgz84.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 18:56:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: http://www.dgz84.com
access-control-allow-headers: HTTP_X_REQUESTED_WITH,X-Requested-With,X_Requested_With,Content-Type,ClientVersion,Authorization,Version, Token, Origin,Accept,DNT,X-Mx-ReqToken,sink,sinks
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

| www.dgz84.com/FH0yeOuckEYLmQRw4oKM/JaibVNkrbX3S1V/TVhVX1U/HFohcQV/veTw | 103.158.37.203 | 404 Not Found | 146 B |
URL: GET HTTP/1.1 www.dgz84.com/FH0yeOuckEYLmQRw4oKM/JaibVNkrbX3S1V/TVhVX1U/HFohcQV/veTw | IP: 103.158.37.203:80 | ASN: #142032 High Family Technology Co., Limited
File type: HTML document, ASCII text, with CRLF line terminators
MD5: 8eec510e57f5f732fd2cce73df7b73ef | SHA-1: 3c0af39ecb3753c5fee3b53d063c7286019eac3b | SHA-256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer: OpenPhish | Verdict: phishing | Alert: AEON Financial Service
GET /FH0yeOuckEYLmQRw4oKM/JaibVNkrbX3S1V/TVhVX1U/HFohcQV/veTw HTTP/1.1
Host: www.dgz84.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 19 Apr 2024 18:56:19 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
|
|
| t.co/i/adsct?bci=3&eci=2&event_id=4e87fc32-3f12-41c3-91e6-63b1688f5333&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a9996118-daa8-4280-bc15-4bb4399a30e4&tw_document_href=https%3A%2F%2Fwww.aeon.co.jp%2Fauth%2Frealms%2Fmsweb%2Fprotocol%2Fopenid-connect%2Fauth%3Fclient_id%3DmoneySiteWeb%26redirect_uri%3Dhttps%3A%2F%2Fwww.aeon.co.jp%2Fmsapi%2Fpublic%2Fv1%2Fauthorization%2FIssueToken%26response_type%3Dcode%26scope%3Dopenid%26state%3DE5E5UI&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4wc7&type=javascript&version=2.3.29 | 104.244.42.5 | 200 OK | 0 B |
URL: t.co/i/adsct?bci=3&eci=2&event_id=4e87fc32-3f12-41c3-91e6-63b1688f5333&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a9996118-daa8-4280-bc15-4bb4399a30e4&tw_document_href=https%3A%2F%2Fwww.aeon.co.jp%2Fauth%2Frealms%2Fmsweb%2Fprotocol%2Fopenid-connect%2Fauth%3Fclient_id%3DmoneySiteWeb%26redirect_uri%3Dhttps%3A%2F%2Fwww.aeon.co.jp%2Fmsapi%2Fpublic%2Fv1%2Fauthorization%2FIssueToken%26response_type%3Dcode%26scope%3Dopenid%26state%3DE5E5UI&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4wc7&type=javascript&version=2.3.29 | Request: GET HTTP/2 | IP: 104.244.42.5:443
Certificate: Issuer DigiCert Inc | Subject t.co | Fingerprint 97:DE:B3:55:69:90:C1:30:DC:D2:BA:8D:AA:FD:83:DE:5A:BD:27:5C | Validity Sun, 07 Jan 2024 00:00:00 GMT - Mon, 06 Jan 2025 23:59:59 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /i/adsct?bci=3&eci=2&event_id=4e87fc32-3f12-41c3-91e6-63b1688f5333&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a9996118-daa8-4280-bc15-4bb4399a30e4&tw_document_href=https%3A%2F%2Fwww.aeon.co.jp%2Fauth%2Frealms%2Fmsweb%2Fprotocol%2Fopenid-connect%2Fauth%3Fclient_id%3DmoneySiteWeb%26redirect_uri%3Dhttps%3A%2F%2Fwww.aeon.co.jp%2Fmsapi%2Fpublic%2Fv1%2Fauthorization%2FIssueToken%26response_type%3Dcode%26scope%3Dopenid%26state%3DE5E5UI&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4wc7&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 18:56:18 GMT
perf: 7402827104
server: tsa_o
set-cookie: muc_ads=78c2d159-1b37-45b8-a17d-f94eb94a24f1; Max-Age=63072000; Expires=Sun, 19 Apr 2026 18:56:19 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 0
x-transaction-id: 1a41d3c11af6570f
x-xss-protection: 0
strict-transport-security: max-age=0
access-control-allow-credentials: true
x-response-time: 112
x-connection-hash: 09800284936e2968b1b9d94ad36549f49160e5d82776d4a49b64b5fe0bba2f2b
X-Firefox-Spdy: h2
|
|
| s.yimg.jp/images/listing/tool/cv/ytag.js | 183.79.249.124 | 200 OK | 10 kB |
URL: s.yimg.jp/images/listing/tool/cv/ytag.js | Request: GET HTTP/2 | IP: 183.79.249.124:443
Certificate: Issuer Cybertrust Japan Co., Ltd. | Subject edge01.yahoo.co.jp | Fingerprint DF:68:03:C4:36:A5:59:5C:8E:59:E1:71:B7:8D:82:C9:4D:76:7A:93 | Validity Fri, 02 Feb 2024 07:46:09 GMT - Sat, 01 Mar 2025 14:59:00 GMT
File type: JavaScript source, ASCII text, with very long lines (31249), with no line terminators | Hash (MD5 / SHA-1 / SHA-256): e20521ced63c4cc4c407616f67b524bd 7da4983207f82314fa4681d467577e32215a8e51 3356ae8297d2248e8abc6b9a612dda94298164f0ee224a98002167cfe1a68ad3
GET /images/listing/tool/cv/ytag.js HTTP/1.1
Host: s.yimg.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Fri, 19 Apr 2024 18:55:07 GMT
vary: Accept-Encoding
x-ntap-sg-trace-id: 21326bc641db9cdd
last-modified: Thu, 21 Mar 2024 02:12:50 GMT
cache-control: public, max-age=600
content-encoding: gzip
server: nghttpx
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
permissions-policy: ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
age: 72
content-length: 10012
ats-carp-promotion: 1
x-z-chihaya: r=1
X-Firefox-Spdy: h2
|
|
| www.dgz84.com/static/image/logo-moneysite.png | 103.158.37.203 | 200 OK | 22 kB |
URL: www.dgz84.com/static/image/logo-moneysite.png | Request: GET HTTP/1.1 | IP: 103.158.37.203:80 | ASN: #142032 High Family Technology Co., Limited
File type: PNG image data, 500 x 101, 8-bit/color RGBA, non-interlaced | Hash (MD5 / SHA-1 / SHA-256): 865ee8971dda3a43ed1969c9e3775d40 ece1bd002a6874fc8a045fda3b5e08e550e2da03 784489fcbdcb6424c43264db5e6e062027aa7ab2a3c40728d3bfe810e70dc339
Analyzer: OpenPhish | Verdict: phishing | Alert: AEON Financial Service
GET /static/image/logo-moneysite.png HTTP/1.1
Host: www.dgz84.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 18:56:19 GMT
Content-Type: image/png
Content-Length: 22506
Last-Modified: Sat, 06 Jan 2024 13:07:18 GMT
Connection: keep-alive
ETag: "65995086-57ea"
Expires: Sun, 19 May 2024 18:56:19 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
|
|
| assets.withdesk.com/js/index.js | 143.204.55.115 | 200 OK | 665 B |
URL: assets.withdesk.com/js/index.js | Request: GET HTTP/2 | IP: 143.204.55.115:443
Certificate: Issuer Amazon | Subject assets.withdesk.com | Fingerprint 20:72:AE:05:52:A4:70:8B:4C:6E:16:BA:E2:77:17:F8:6B:41:D1:D2 | Validity Thu, 15 Feb 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (665), with no line terminators | Hash (MD5 / SHA-1 / SHA-256): cb901e490f44c4b382aaadb85f8165d6 3489aa909d6d5c00118143949c9fffe59f297156 7a1681677c1473cf4749f47b06cac2bf65e5d0d8b96c67cf613d7af423551c39
GET /js/index.js HTTP/1.1
Host: assets.withdesk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.dgz84.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 665
last-modified: Wed, 17 Apr 2024 14:18:48 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: ByUbZjlmsXZU.ZrYgEVz59wPztky1B4S
accept-ranges: bytes
server: AmazonS3
date: Fri, 19 Apr 2024 18:56:20 GMT
cache-control: no-cache
etag: "cb901e490f44c4b382aaadb85f8165d6"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qp6TRSlqbJy_xuIgs3z1G_gLuumxIhxdub7t16R5BfrIbcsPN1sdPg==
X-Firefox-Spdy: h2
|
|
| www.dgz84.com/static/js/vue.js | 103.158.37.203 | 200 OK | 106 kB |
URL: www.dgz84.com/static/js/vue.js | Request: GET HTTP/1.1 | IP: 103.158.37.203:80 | ASN: #142032 High Family Technology Co., Limited
File type: JavaScript source, ASCII text | Size: 106 kB (106238 bytes) | Hash (MD5 / SHA-1 / SHA-256): a9b6fe71cb7cfcd689e1ef345aefba51 5c39dfc37fc42400e4b4557db956f3f218a90ca7 159f0ac0c8f517aaa736003b6e13ebc959b5f7129db87e4e56bf2eec8d6d02d7
Analyzer: OpenPhish | Verdict: phishing | Alert: AEON Financial Service
GET /static/js/vue.js HTTP/1.1
Host: www.dgz84.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 18:56:19 GMT
Content-Type: application/javascript
Last-Modified: Thu, 13 May 2021 06:21:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"609cc560-53883"
Expires: Sat, 20 Apr 2024 06:56:19 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
|
|
| b92.yahoo.co.jp/js/s_retargeting.js | 183.79.249.124 | 403 Forbidden | 1 B |
URL: b92.yahoo.co.jp/js/s_retargeting.js | Request: GET HTTP/2 | IP: 183.79.249.124:443
Certificate: Issuer Cybertrust Japan Co., Ltd. | Subject edge01.yahoo.co.jp | Fingerprint DF:68:03:C4:36:A5:59:5C:8E:59:E1:71:B7:8D:82:C9:4D:76:7A:93 | Validity Fri, 02 Feb 2024 07:46:09 GMT - Sat, 01 Mar 2025 14:59:00 GMT
File type: very short file (no magic) | Hash (MD5 / SHA-1 / SHA-256): 7215ee9c7d9dc229d2921a40e899ec5f b858cb282617fb0956d960215c8e84d1ccf909c6 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
GET /js/s_retargeting.js HTTP/1.1
Host: b92.yahoo.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Redirect
Date: Fri, 19 Apr 2024 18:56:20 GMT
Connection: keep-alive
Cache-Control: no-store
Location: https://b92.yahoo.co.jp:443/js/s_retargeting.js
Content-Type: text/html
Content-Language: en
X-Z-Chihaya: r=1
Accept-CH: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
Permissions-Policy: ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*, unload=()
Content-Length: 1
|
|
| b92.yahoo.co.jp/js/s_retargeting.js | 183.79.249.124 | 403 Forbidden | 10 kB |
URL: b92.yahoo.co.jp/js/s_retargeting.js | Request: GET HTTP/2 | IP: 183.79.249.124:443
Certificate: Issuer Cybertrust Japan Co., Ltd. | Subject edge01.yahoo.co.jp | Fingerprint DF:68:03:C4:36:A5:59:5C:8E:59:E1:71:B7:8D:82:C9:4D:76:7A:93 | Validity Fri, 02 Feb 2024 07:46:09 GMT - Sat, 01 Mar 2025 14:59:00 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (486) | Hash (MD5 / SHA-1 / SHA-256): bf7ebe1cc45db5a11337e505248ca4f8 ca46580e39a792218e8a0adc5a3e6e25dc11ee1f ae97b45362096c079f51de99d60833ee729b9daca0d414bf20dd797395b4717b
GET /js/s_retargeting.js HTTP/1.1
Host: b92.yahoo.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.dgz84.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 403 Forbidden
date: Fri, 19 Apr 2024 18:56:20 GMT
x-z-chihaya: r=1
x-frame-options: SAMEORIGIN
content-length: 10051
content-type: text/html
X-Firefox-Spdy: h2
|
|
| b99.yahoo.co.jp/pagead/conversion_async.js | 183.79.255.12 | 403 Forbidden | 10 kB |
URL: b99.yahoo.co.jp/pagead/conversion_async.js | Request: GET HTTP/1.1 | IP: 183.79.255.12:443
Certificate: Issuer Cybertrust Japan Co., Ltd. | Subject mscedge01.yahoo.co.jp | Fingerprint 78:B8:E7:93:76:1B:13:8A:F9:4B:15:86:66:22:3A:89:E3:04:EA:54 | Validity Mon, 20 Nov 2023 03:15:16 GMT - Thu, 19 Dec 2024 14:59:00 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (486) | Hash (MD5 / SHA-1 / SHA-256): bf7ebe1cc45db5a11337e505248ca4f8 ca46580e39a792218e8a0adc5a3e6e25dc11ee1f ae97b45362096c079f51de99d60833ee729b9daca0d414bf20dd797395b4717b
GET /pagead/conversion_async.js HTTP/1.1
Host: b99.yahoo.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 19 Apr 2024 18:56:20 GMT
Connection: close
X-Z-Chihaya: r=1
X-Frame-Options: SAMEORIGIN
Content-Length: 10051
Content-Type: text/html
|
|
| www.googletagmanager.com/gtm.js?id=GTM-W8TPP6 | 142.250.74.40 | 200 OK | 250 B |
URL: www.googletagmanager.com/gtm.js?id=GTM-W8TPP6 | Request: GET HTTP/3 | IP: 142.250.74.40:443
Certificate: Issuer Google Trust Services LLC | Subject *.google-analytics.com | Fingerprint BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D | Validity Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators | Hash (MD5 / SHA-1 / SHA-256): 1f0226e7bd4d57f6931681a08ef82f1d d4cee6b802f2ee624b546b033c84ddb5844ae775 5f92aa2a57f54bd827526feaf793e5097704ae096d58274ceb2781eb3ffb6263
GET /gtm.js?id=GTM-W8TPP6 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-W8TPP6
Cross-Origin-Resource-Policy: cross-origin
Date: Fri, 19 Apr 2024 18:56:20 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
|
|
| www.googletagmanager.com/gtm.js?id=GTM-W8TPP6 | 142.250.74.40 | 200 OK | 104 kB |
URL: www.googletagmanager.com/gtm.js?id=GTM-W8TPP6 | Request: GET HTTP/3 | IP: 142.250.74.40:443
Certificate: Issuer Google Trust Services LLC | Subject *.google-analytics.com | Fingerprint BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D | Validity Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (36883) | Size: 104 kB (104493 bytes) | Hash (MD5 / SHA-1 / SHA-256): 396330628ecfc4d94e28e73ba00cf0a4 8da4bad25e6b0b26401ed27cdfc55f552dc14fd1 56781946c2b1e39fa9ce4be7d79e29cfd277c6d24fb2785d7a62db955b752ce8
GET /gtm.js?id=GTM-W8TPP6 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.dgz84.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 18:56:20 GMT
expires: Fri, 19 Apr 2024 18:56:20 GMT
cache-control: private, max-age=900
last-modified: Fri, 19 Apr 2024 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 104493
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/gtag/destination?id=AW-975121407&l=dataLayer&cx=c | 142.250.74.40 | 302 Found | 287 B |
URL: www.googletagmanager.com/gtag/destination?id=AW-975121407&l=dataLayer&cx=c | Request: GET HTTP/1.1 | IP: 142.250.74.40:80
File type: HTML document, ASCII text, with CRLF, LF line terminators | Hash (MD5 / SHA-1 / SHA-256): 8609114d0ff9763c8924ae705f2517f4 efab607632bc1ac20f7dd11c42783ea5b2059ed0 b0d4cd37d7a38a247f906e7a1038e5a68acda5c76941fbde59f9f53c92cb62b2
GET /gtag/destination?id=AW-975121407&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/destination?id=AW-975121407&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Fri, 19 Apr 2024 18:56:20 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 287
X-XSS-Protection: 0
|
|
| www.googletagmanager.com/gtag/js?id=G-WHWLPMHQCY&l=dataLayer&cx=c | 142.250.74.40 | 200 OK | 278 B |
URL: www.googletagmanager.com/gtag/js?id=G-WHWLPMHQCY&l=dataLayer&cx=c | Request: GET HTTP/3 | IP: 142.250.74.40:443
Certificate: Issuer Google Trust Services LLC | Subject *.google-analytics.com | Fingerprint BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D | Validity Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators | Hash (MD5 / SHA-1 / SHA-256): 61bf7c31f7f6f03c873877c1c788c6fc 7601a3ecd75851145d0e052e52a0bcf0c7877739 2529e14176fb3d752d296899025b76eea5f2f751f065d7f285c146e7fc507e76
GET /gtag/js?id=G-WHWLPMHQCY&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=G-WHWLPMHQCY&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Fri, 19 Apr 2024 18:56:20 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0
|
|
| www.googletagmanager.com/gtag/destination?id=AW-966350753&l=dataLayer&cx=c | 142.250.74.40 | 200 OK | 287 B |
URL: www.googletagmanager.com/gtag/destination?id=AW-966350753&l=dataLayer&cx=c | Request: GET HTTP/3 | IP: 142.250.74.40:443
Certificate: Issuer Google Trust Services LLC | Subject *.google-analytics.com | Fingerprint BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D | Validity Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators | Hash (MD5 / SHA-1 / SHA-256): d6e221b2d6f88d53a213e69456540d48 7b7109d79c62ad101b5420bd6b63a54e596324bb b546d5e43cdf2ca356ed3ed2be70b60373b077218e9b688d4d9470f9114dcd0a
GET /gtag/destination?id=AW-966350753&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/destination?id=AW-966350753&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Fri, 19 Apr 2024 18:56:20 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 287
X-XSS-Protection: 0
|
|
| www.dgz84.com/-/media/aeoncard/assets/images/icon/catch-title-mgt.svg | 103.158.37.203 | 200 OK | 832 B |
URL: www.dgz84.com/-/media/aeoncard/assets/images/icon/catch-title-mgt.svg | Request: GET HTTP/1.1 | IP: 103.158.37.203:80 | ASN: #142032 High Family Technology Co., Limited
File type: SVG Scalable Vector Graphics image | Hash (MD5 / SHA-1 / SHA-256): 46e8abb07d99f624434cc5af3cc46a01 d6070c096204c391233c32f1051852eab4fdc0d8 978f93df4d616b5cc75308e03706c59cd996427b615e57c21a6c15aae28d71b0
Analyzer: OpenPhish | Verdict: phishing | Alert: AEON Financial Service
GET /-/media/aeoncard/assets/images/icon/catch-title-mgt.svg HTTP/1.1
Host: www.dgz84.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/static/css/common.css?updated=20210906
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 18:56:20 GMT
Content-Type: image/svg+xml
Content-Length: 832
Last-Modified: Mon, 26 Jun 2023 13:56:30 GMT
Connection: keep-alive
ETag: "6499990e-340"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
|
|
| www.googletagmanager.com/gtag/destination?id=AW-975121407&l=dataLayer&cx=c | 142.250.74.40 | 302 Found | 78 kB |
URL: www.googletagmanager.com/gtag/destination?id=AW-975121407&l=dataLayer&cx=c | Request: GET HTTP/1.1 | IP: 142.250.74.40:80
File type: JavaScript source, ASCII text, with very long lines (2165) | Hash (MD5 / SHA-1 / SHA-256): 0e96e5bedca5470f1adaf93e99d94952 64aa0701285365b8b5056c510f14b74e5cd9ac5b e59e4fce5a4efce9998ba35429a23587e35eb4078b95bf6a5ede66c0b8e8e717
GET /gtag/destination?id=AW-975121407&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.dgz84.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 18:56:20 GMT
expires: Fri, 19 Apr 2024 18:56:20 GMT
cache-control: private, max-age=900
last-modified: Fri, 19 Apr 2024 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77513
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/gtag/destination?id=AW-966350753&l=dataLayer&cx=c | 142.250.74.40 | 200 OK | 78 kB |
URL: www.googletagmanager.com/gtag/destination?id=AW-966350753&l=dataLayer&cx=c | Request: GET HTTP/3 | IP: 142.250.74.40:443
Certificate: Issuer Google Trust Services LLC | Subject *.google-analytics.com | Fingerprint BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D | Validity Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type: JavaScript source, ASCII text, with very long lines (2165) | Hash (MD5 / SHA-1 / SHA-256): 3d533abc14584fa87da10e9b082dd868 07b422215399f04b0ba89fe23a8f904aeaca78b3 cfd91db9a813da3a3e4654d13f8e9fc4469a1ed1364393e379cfe7190973685e
GET /gtag/destination?id=AW-966350753&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.dgz84.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 18:56:20 GMT
expires: Fri, 19 Apr 2024 18:56:20 GMT
cache-control: private, max-age=900
last-modified: Fri, 19 Apr 2024 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77511
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/gtag/js?id=G-WHWLPMHQCY&l=dataLayer&cx=c | 142.250.74.40 | 200 OK | 104 kB |
URL: www.googletagmanager.com/gtag/js?id=G-WHWLPMHQCY&l=dataLayer&cx=c | Request: GET HTTP/3 | IP: 142.250.74.40:443
Certificate: Issuer Google Trust Services LLC | Subject *.google-analytics.com | Fingerprint BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D | Validity Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (18936) | Size: 104 kB (104030 bytes) | Hash (MD5 / SHA-1 / SHA-256): 3d9cd81165d217eb748a79891178f4c8 05fbf714ced3b8b67aae1cbba16fcd9143e0be87 291b0bd45b967b269ba132efb9b6d96fedc8bbfff2f7b028d2136c2264a8f6ad
GET /gtag/js?id=G-WHWLPMHQCY&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.dgz84.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 18:56:20 GMT
expires: Fri, 19 Apr 2024 18:56:20 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 104030
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.tfteleknteqd888.com/index.php | 121.127.245.109 | 200 OK | 1.2 kB |
URL: www.tfteleknteqd888.com/index.php | Request: GET HTTP/2 | IP: 121.127.245.109:443 | ASN: #64050 BGPNET Global ASN
Certificate: Issuer Let's Encrypt | Subject www.tfteleknteqd888.com | Fingerprint 82:66:DB:62:4E:F0:7E:6F:D1:6D:02:F4:44:B5:1B:A6:44:63:FE:42 | Validity Mon, 18 Mar 2024 15:11:03 GMT - Sun, 16 Jun 2024 15:11:02 GMT
File type: gzip compressed data, from Unix | Hash (MD5 / SHA-1 / SHA-256): 8bb7d859d41f2d6eb87f2c16a11328e8 e8447dff05d8c014cb0cf0b271fa4619a84e32f0 29ef727446ae370515f83cb95896ec0fdd10d06f8ec4400b66168118871aee9c
GET /index.php HTTP/1.1
Host: www.tfteleknteqd888.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
sink: ITPOST2
sinks: 2
Origin: http://www.dgz84.com
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 18:56:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: http://www.dgz84.com
access-control-allow-headers: HTTP_X_REQUESTED_WITH,X-Requested-With,X_Requested_With,Content-Type,ClientVersion,Authorization,Version, Token, Origin,Accept,DNT,X-Mx-ReqToken,sink,sinks
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.dgz84.com/-/media/aeoncard/assets/images/icon/arrow-right.svg | 103.158.37.203 | 200 OK | 667 B |
URL: www.dgz84.com/-/media/aeoncard/assets/images/icon/arrow-right.svg | Request: GET HTTP/1.1 | IP: 103.158.37.203:80 | ASN: #142032 High Family Technology Co., Limited
File type: SVG Scalable Vector Graphics image | Hash (MD5 / SHA-1 / SHA-256): 0edaca36f67857f869b532069a08d327 874ffe2bebe40ef2d93c509111a87952ca1a04f9 4b101a45570a701d8670aeed75d20f1a6b2812f2dfec8933ef51ede92f456094
Analyzer: OpenPhish | Verdict: phishing | Alert: AEON Financial Service
GET /-/media/aeoncard/assets/images/icon/arrow-right.svg HTTP/1.1
Host: www.dgz84.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/static/css/common.css?updated=20210906
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 18:56:21 GMT
Content-Type: image/svg+xml
Content-Length: 667
Last-Modified: Mon, 26 Jun 2023 13:56:18 GMT
Connection: keep-alive
ETag: "64999902-29b"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
|
|
| www.dgz84.com/-/media/aeoncard/assets/images/login/bg-lgi-small.jpg | 103.158.37.203 | 200 OK | 251 kB |
URL: www.dgz84.com/-/media/aeoncard/assets/images/login/bg-lgi-small.jpg | Request: GET HTTP/1.1 | IP: 103.158.37.203:80 | ASN: #142032 High Family Technology Co., Limited
File type: JPEG image data, baseline, precision 8, 1920x1088, components 3 | Size: 251 kB (250623 bytes) | Hash (MD5 / SHA-1 / SHA-256): d26fee662dcb6f1234ad47225af11c44 a381ee1a527817a9d60e2976077fc6109d9dbe07 65cfc6d8a08327eaa144942a8c429db34f313187062120c4e727e2162189d434
Analyzer: OpenPhish | Verdict: phishing | Alert: AEON Financial Service
GET /-/media/aeoncard/assets/images/login/bg-lgi-small.jpg HTTP/1.1
Host: www.dgz84.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/static/css/common.css?updated=20210906
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 18:56:20 GMT
Content-Type: image/jpeg
Content-Length: 250623
Last-Modified: Mon, 26 Jun 2023 13:46:22 GMT
Connection: keep-alive
ETag: "649996ae-3d2ff"
Expires: Sun, 19 May 2024 18:56:20 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-WHWLPMHQCY&gtm=45je44h0v899422000z86189594za200&_p=1713552980649&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1946699012.1713552981&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1713552981&sct=1&seg=0&dl=http%3A%2F%2Fwww.dgz84.com%2F&dt=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%82%A4%E3%82%AA%E3%83%B3%E3%82%AB%E3%83%BC%E3%83%89%E3%80%80%E6%9A%AE%E3%82%89%E3%81%97%E3%81%AE%E3%83%9E%E3%83%8D%E3%83%BC%E3%82%B5%E3%82%A4%E3%83%88&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=12479 | 216.239.32.36 | 204 No Content | 0 B |
URL: region1.analytics.google.com/g/collect?v=2&tid=G-WHWLPMHQCY&gtm=45je44h0v899422000z86189594za200&_p=1713552980649&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1946699012.1713552981&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1713552981&sct=1&seg=0&dl=http%3A%2F%2Fwww.dgz84.com%2F&dt=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%82%A4%E3%82%AA%E3%83%B3%E3%82%AB%E3%83%BC%E3%83%89%E3%80%80%E6%9A%AE%E3%82%89%E3%81%97%E3%81%AE%E3%83%9E%E3%83%8D%E3%83%BC%E3%82%B5%E3%82%A4%E3%83%88&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=12479 | Request: POST HTTP/2 | IP: 216.239.32.36:443
Certificate: Issuer Google Trust Services LLC | Subject *.google-analytics.com | Fingerprint BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D | Validity Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-WHWLPMHQCY&gtm=45je44h0v899422000z86189594za200&_p=1713552980649&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1946699012.1713552981&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1713552981&sct=1&seg=0&dl=http%3A%2F%2Fwww.dgz84.com%2F&dt=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%82%A4%E3%82%AA%E3%83%B3%E3%82%AB%E3%83%BC%E3%83%89%E3%80%80%E6%9A%AE%E3%82%89%E3%81%97%E3%81%AE%E3%83%9E%E3%83%8D%E3%83%BC%E3%82%B5%E3%82%A4%E3%83%88&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=12479 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.dgz84.com
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://www.dgz84.com
date: Fri, 19 Apr 2024 18:56:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WHWLPMHQCY&cid=1946699012.1713552981&gtm=45je44h0v899422000z86189594za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1057932692 | 142.250.74.163 | 200 OK | 42 B |
URL: GET HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WHWLPMHQCY&cid=1946699012.1713552981&gtm=45je44h0v899422000z86189594za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1057932692 IP: 142.250.74.163:443
Certificate: Issuer Google Trust Services LLC; Subject *.google.no; Fingerprint (SHA-1) 0E:DD:25:54:7B:C3:7F:EC:27:35:B1:EC:15:C4:B7:D2:09:71:3B:68; Validity Mon, 04 Mar 2024 07:26:33 GMT - Mon, 27 May 2024 07:26:32 GMT
File type: GIF image data, version 89a, 1 x 1 Hash: MD5 d89746888da2d9510b64a9f031eaecd5 SHA-1 d5fceb6532643d0d84ffe09c40c481ecdf59e15a SHA-256 ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WHWLPMHQCY&cid=1946699012.1713552981&gtm=45je44h0v899422000z86189594za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1057932692 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 19 Apr 2024 18:56:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-WHWLPMHQCY&gtm=45je44h0v899422000z86189594za200&_p=1713552980649&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1946699012.1713552981&ul=en-us&sr=1280x1024&pscdl=noapi&_s=2&sid=1713552981&sct=1&seg=0&dl=http%3A%2F%2Fwww.dgz84.com%2F&dt=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%82%A4%E3%82%AA%E3%83%B3%E3%82%AB%E3%83%BC%E3%83%89%E3%80%80%E6%9A%AE%E3%82%89%E3%81%97%E3%81%AE%E3%83%9E%E3%83%8D%E3%83%BC%E3%82%B5%E3%82%A4%E3%83%88&en=undefined&tfd=12514 | 216.239.32.36 | 204 No Content | 0 B |
URL: POST HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-WHWLPMHQCY&gtm=45je44h0v899422000z86189594za200&_p=1713552980649&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1946699012.1713552981&ul=en-us&sr=1280x1024&pscdl=noapi&_s=2&sid=1713552981&sct=1&seg=0&dl=http%3A%2F%2Fwww.dgz84.com%2F&dt=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%82%A4%E3%82%AA%E3%83%B3%E3%82%AB%E3%83%BC%E3%83%89%E3%80%80%E6%9A%AE%E3%82%89%E3%81%97%E3%81%AE%E3%83%9E%E3%83%8D%E3%83%BC%E3%82%B5%E3%82%A4%E3%83%88&en=undefined&tfd=12514 IP: 216.239.32.36:443
Certificate: Issuer Google Trust Services LLC; Subject *.google-analytics.com; Fingerprint (SHA-1) BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D; Validity Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-WHWLPMHQCY&gtm=45je44h0v899422000z86189594za200&_p=1713552980649&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1946699012.1713552981&ul=en-us&sr=1280x1024&pscdl=noapi&_s=2&sid=1713552981&sct=1&seg=0&dl=http%3A%2F%2Fwww.dgz84.com%2F&dt=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%82%A4%E3%82%AA%E3%83%B3%E3%82%AB%E3%83%BC%E3%83%89%E3%80%80%E6%9A%AE%E3%82%89%E3%81%97%E3%81%AE%E3%83%9E%E3%83%8D%E3%83%BC%E3%82%B5%E3%82%A4%E3%83%88&en=undefined&tfd=12514 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.dgz84.com
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://www.dgz84.com
date: Fri, 19 Apr 2024 18:56:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.dgz84.com/-/media/AeonCard/favicon.ico | 103.158.37.203 | 404 Not Found | 146 B |
URL: GET HTTP/1.1 www.dgz84.com/-/media/AeonCard/favicon.ico IP: 103.158.37.203:80 ASN: #142032 High Family Technology Co., Limited
File type: HTML document, ASCII text, with CRLF line terminators Hash: MD5 8eec510e57f5f732fd2cce73df7b73ef SHA-1 3c0af39ecb3753c5fee3b53d063c7286019eac3b SHA-256 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer: OpenPhish; Verdict: phishing; Alert: AEON Financial Service
GET /-/media/AeonCard/favicon.ico HTTP/1.1
Host: www.dgz84.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Cookie: _gcl_au=1.1.1021413493.1713552981; _ga_WHWLPMHQCY=GS1.1.1713552981.1.0.1713552981.60.0.0; _ga=GA1.1.1946699012.1713552981
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 19 Apr 2024 18:56:22 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
|
|
| www.dgz84.com/-/media/aeoncard/assets/images/icon/login.svg | 103.158.37.203 | 200 OK | 569 B |
URL: GET HTTP/1.1 www.dgz84.com/-/media/aeoncard/assets/images/icon/login.svg IP: 103.158.37.203:80 ASN: #142032 High Family Technology Co., Limited
File type: SVG Scalable Vector Graphics image Hash: MD5 a00c57eac36a0040e83a02654b88153b SHA-1 b28b1d7917d4ac424bfa88dc8296be98b36346c6 SHA-256 e6afa5165455b60a9ee13a3d720cfbac28bf860d7f023ee81bbce7d978b3a0ea
Analyzer: OpenPhish; Verdict: phishing; Alert: AEON Financial Service
GET /-/media/aeoncard/assets/images/icon/login.svg HTTP/1.1
Host: www.dgz84.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/static/css/common.css?updated=20210906
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 18:56:23 GMT
Content-Type: image/svg+xml
Content-Length: 569
Last-Modified: Mon, 26 Jun 2023 13:56:38 GMT
Connection: keep-alive
ETag: "64999916-239"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
|
|
| link-ag.net/dist/p/l/index.js | 13.115.204.165 | 200 OK | 3.8 kB |
URL: GET HTTP/2 link-ag.net/dist/p/l/index.js IP: 13.115.204.165:443
Certificate: Issuer Amazon; Subject link-ag.net; Fingerprint (SHA-1) C0:73:BF:2D:B7:E7:32:57:B7:42:30:B2:E9:69:BC:25:FD:88:73:64; Validity Wed, 11 Oct 2023 00:00:00 GMT - Fri, 08 Nov 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (3776) Hash: MD5 965556cda0b22ef42ed86b88ec899a83 SHA-1 079569d45ffb2ab6e0e342a51636ceb713069578 SHA-256 4fca8e5b0583820c57286a8715f29de0595e364debd820f73e29dc5ab89eca76
GET /dist/p/l/index.js HTTP/1.1
Host: link-ag.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 18:56:23 GMT
content-type: application/javascript
content-length: 3839
server: nginx/1.25.5
last-modified: Thu, 18 Apr 2024 02:12:09 GMT
etag: "66208179-eff"
expires: Fri, 19 Apr 2024 19:01:23 GMT
cache-control: max-age=300
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.dgz84.com/static/js/axios.js | 103.158.37.203 | 200 OK | 13 kB |
URL: GET HTTP/1.1 www.dgz84.com/static/js/axios.js IP: 103.158.37.203:80 ASN: #142032 High Family Technology Co., Limited
File type: JavaScript source, ASCII text Hash: MD5 1eb8e8e2284670dc214a3e70c25992b8 SHA-1 94ece417aa560aa8de906e8f54c0985da90364cc SHA-256 96b65382c74cd6255d4628044c5394f2ef3f0662d7d72b10f1bceb50b6ee5455
Analyzer: OpenPhish; Verdict: phishing; Alert: AEON Financial Service
GET /static/js/axios.js HTTP/1.1
Host: www.dgz84.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 18:56:25 GMT
Content-Type: application/javascript
Last-Modified: Sat, 10 Nov 2018 04:07:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5be65996-a6f0"
Expires: Sat, 20 Apr 2024 06:56:25 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-WHWLPMHQCY&gtm=45je44h0v899422000za200&_p=1713552980649&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1946699012.1713552981&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEA&_s=3&sid=1713552981&sct=1&seg=0&dl=http%3A%2F%2Fwww.dgz84.com%2F&dt=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%82%A4%E3%82%AA%E3%83%B3%E3%82%AB%E3%83%BC%E3%83%89%E3%80%80%E6%9A%AE%E3%82%89%E3%81%97%E3%81%AE%E3%83%9E%E3%83%8D%E3%83%BC%E3%82%B5%E3%82%A4%E3%83%88&en=scroll&epn.percent_scrolled=90&tfd=17515 | 216.239.32.36 | 204 No Content | 0 B |
URL: POST HTTP/3 region1.analytics.google.com/g/collect?v=2&tid=G-WHWLPMHQCY&gtm=45je44h0v899422000za200&_p=1713552980649&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1946699012.1713552981&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEA&_s=3&sid=1713552981&sct=1&seg=0&dl=http%3A%2F%2Fwww.dgz84.com%2F&dt=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%82%A4%E3%82%AA%E3%83%B3%E3%82%AB%E3%83%BC%E3%83%89%E3%80%80%E6%9A%AE%E3%82%89%E3%81%97%E3%81%AE%E3%83%9E%E3%83%8D%E3%83%BC%E3%82%B5%E3%82%A4%E3%83%88&en=scroll&epn.percent_scrolled=90&tfd=17515 IP: 216.239.32.36:443
Certificate: Issuer Google Trust Services LLC; Subject *.google-analytics.com; Fingerprint (SHA-1) BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D; Validity Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-WHWLPMHQCY&gtm=45je44h0v899422000za200&_p=1713552980649&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1946699012.1713552981&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEA&_s=3&sid=1713552981&sct=1&seg=0&dl=http%3A%2F%2Fwww.dgz84.com%2F&dt=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%82%A4%E3%82%AA%E3%83%B3%E3%82%AB%E3%83%BC%E3%83%89%E3%80%80%E6%9A%AE%E3%82%89%E3%81%97%E3%81%AE%E3%83%9E%E3%83%8D%E3%83%BC%E3%82%B5%E3%82%A4%E3%83%88&en=scroll&epn.percent_scrolled=90&tfd=17515 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.dgz84.com
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: http://www.dgz84.com
date: Fri, 19 Apr 2024 18:56:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.dgz84.com/static/css/common.css?updated=20210906 | 103.158.37.203 | 200 OK | 587 kB |
URL: GET HTTP/1.1 www.dgz84.com/static/css/common.css?updated=20210906 IP: 103.158.37.203:80 ASN: #142032 High Family Technology Co., Limited
Size: 587 kB (586744 bytes) Hash: MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these three values are the hashes of empty input, not of the 586744-byte body, so they cannot be used as file indicators for this resource)
GET /static/css/common.css?updated=20210906 HTTP/1.1
Host: www.dgz84.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 18:56:19 GMT
Content-Type: text/css
Last-Modified: Mon, 26 Jun 2023 13:07:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"64998d7e-8f3f8"
Expires: Sat, 20 Apr 2024 06:56:19 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
|
|
| www.jpcsalarak9243.com/websocket/2e03a3b3a61971bd375aac43fcf616cd | 134.122.148.74 | 101 | 0 B |
URL: GET HTTP/1.1 www.jpcsalarak9243.com/websocket/2e03a3b3a61971bd375aac43fcf616cd IP: 134.122.148.74:443 ASN: #64050 BGPNET Global ASN
Certificate: Issuer Let's Encrypt; Subject www.jpcsalarak9243.com; Fingerprint (SHA-1) AF:C3:BC:7C:CF:E9:25:F8:32:82:FD:45:77:68:9E:8C:6F:90:F1:94; Validity Sun, 31 Mar 2024 17:31:18 GMT - Sat, 29 Jun 2024 17:31:17 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /websocket/2e03a3b3a61971bd375aac43fcf616cd HTTP/1.1
Host: www.jpcsalarak9243.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://www.dgz84.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BX2WE4RHARLGgelQp8hTLA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101
Server: nginx
Date: Fri, 19 Apr 2024 18:56:18 GMT
Connection: upgrade
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE
Access-Control-Max-Age: 3600
Access-Control-Allow-Headers: *
Upgrade: websocket
Sec-WebSocket-Accept: gGyQeZ1k4wy5WzAFNuJI+h/5gXQ=
Sec-WebSocket-Extensions: permessage-deflate
|
|
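The upgrade exchange above is the one cross-site WebSocket in this capture: the page at http://www.dgz84.com opens a socket to www.jpcsalarak9243.com, and the server answers 101. Two things are worth checking by hand in such a record. First, the handshake is only valid if Sec-WebSocket-Accept equals base64(SHA-1(Sec-WebSocket-Key + "258EAFA5-E914-47DA-95CA-C5AB0DC85B11")), per RFC 6455. Second, the Access-Control-Allow-* headers on the 101 response do not govern WebSocket at all; the browser's only contribution is the Origin header, and only the server's own check of it can restrict who may connect. The capture shows that http://www.dgz84.com is accepted and nothing more. The following is an added example, not code from the page or from the sandbox; the key/accept pair is copied from the record above, the second pair is the sample from RFC 6455, and the header parser is a hypothetical helper written for this log's "Name: value" layout.

```python
"""Check a captured WebSocket opening handshake (RFC 6455, section 4.2.2).

Added example. CAPTURED_REQUEST/CAPTURED_RESPONSE are header lines copied
from the www.jpcsalarak9243.com record on this page; parse_headers is a
hypothetical helper for that record layout.
"""
import base64
import hashlib
from urllib.parse import urlsplit

# Fixed GUID from RFC 6455; the server appends it to the client's key.
WS_GUID = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"


def expected_accept(sec_websocket_key: str) -> str:
    """Sec-WebSocket-Accept a compliant server must return for this key."""
    digest = hashlib.sha1((sec_websocket_key + WS_GUID).encode("ascii")).digest()
    return base64.b64encode(digest).decode("ascii")


def parse_headers(raw: str) -> dict:
    """Turn 'Name: value' lines (as shown in the capture) into a dict."""
    headers = {}
    for line in raw.strip().splitlines():
        if ":" in line:
            name, value = line.split(":", 1)
            headers[name.strip()] = value.strip()
    return headers


def check_handshake(endpoint_host: str, request: dict, response: dict) -> dict:
    """Findings for one upgrade exchange.

    accept_ok  - server's Sec-WebSocket-Accept matches the client's key
    upgrade_ok - server actually switched protocols to websocket
    cross_site - the page origin's host differs from the socket endpoint host
    origin     - the Origin the browser sent (the only client-side identity
                 the server can check; CORS headers on the 101 do nothing)
    """
    origin = request.get("Origin", "")
    origin_host = urlsplit(origin).hostname if origin else None
    return {
        "accept_ok": response.get("Sec-WebSocket-Accept")
        == expected_accept(request["Sec-WebSocket-Key"]),
        "upgrade_ok": response.get("Upgrade", "").lower() == "websocket",
        "cross_site": origin_host is not None and origin_host != endpoint_host,
        "origin": origin,
    }


# Copied from the capture above (request and response header lines).
CAPTURED_REQUEST = """\
Host: www.jpcsalarak9243.com
Sec-WebSocket-Version: 13
Origin: http://www.dgz84.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BX2WE4RHARLGgelQp8hTLA==
Connection: keep-alive, Upgrade
Upgrade: websocket
"""
CAPTURED_RESPONSE = """\
Server: nginx
Connection: upgrade
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Upgrade: websocket
Sec-WebSocket-Accept: gGyQeZ1k4wy5WzAFNuJI+h/5gXQ=
Sec-WebSocket-Extensions: permessage-deflate
"""


def captured_findings() -> dict:
    """Run the checks over the exchange recorded on this page."""
    return check_handshake(
        "www.jpcsalarak9243.com",
        parse_headers(CAPTURED_REQUEST),
        parse_headers(CAPTURED_RESPONSE),
    )


if __name__ == "__main__":
    print(captured_findings())
```

The RFC 6455 sample key "dGhlIHNhbXBsZSBub25jZQ==" must yield "s3pPLMBiTxaQ9kYGzzhZRbK+xOo="; running the same function over the captured key tells you whether the 101 came from a compliant endpoint rather than a proxy or error page that happened to return 101.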
| assets.withdesk.com/js/bundle.27693791-d162-4dae-b506-b567554557f6.js | 143.204.55.115 | 403 Forbidden | 0 B |
URL: GET HTTP/2 assets.withdesk.com/js/bundle.27693791-d162-4dae-b506-b567554557f6.js IP: 143.204.55.115:443
Certificate: Issuer Amazon; Subject assets.withdesk.com; Fingerprint (SHA-1) 20:72:AE:05:52:A4:70:8B:4C:6E:16:BA:E2:77:17:F8:6B:41:D1:D2; Validity Thu, 15 Feb 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/bundle.27693791-d162-4dae-b506-b567554557f6.js HTTP/1.1
Host: assets.withdesk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.dgz84.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
content-type: application/xml
date: Fri, 19 Apr 2024 18:56:19 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7rUszA_-_jDNR0XYLigPmYq_mw97whN_n-T9y4I75shoV76QZy67Gg==
X-Firefox-Spdy: h2
|
|
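Read as a whole, the transaction list above carries more than a hostname and an IP. The GA4 measurement ID G-WHWLPMHQCY (also visible in the _ga_WHWLPMHQCY cookie) is a pivot indicator for finding other pages run with the same analytics property; the dt= parameter of the collect hits is the percent-encoded page title, which decodes to the Japanese "ログイン | イオンカード　暮らしのマネーサイト" (Login | AEON Card money site), i.e. the lure's title; several records carry Strict-Transport-Security although they were served over plain HTTP on port 80, where RFC 6797 requires browsers to ignore the header; and several Hash lines are the well-known digests of empty input, which must not be recorded as file indicators. The following is an added example, not a tool from the page or from the sandbox that produced it. It assumes the record layout seen on this page (a row "| url | ip | status | size |" followed by the request and response header lines), and LOG is a constructed, abbreviated excerpt of records shown above.

```python
"""Extract indicators and run sanity checks over a sandbox transaction log.

Added example. The record layout it parses is assumed from this page; LOG is
a constructed excerpt of records shown on the page (cells shortened).
"""
import re
from urllib.parse import parse_qs, urlsplit

# SHA-256 of zero bytes: a digest that says nothing about the resource.
SHA256_EMPTY = "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
ROW_RE = re.compile(r"^\|\s*(\S+)\s*\|\s*([\d.]+)\s*\|\s*(\d{3})[^|]*\|\s*([^|]*)\|")
SHA256_RE = re.compile(r"\b[0-9a-f]{64}\b")
PORT_RE = re.compile(r"\bIP:?\s*[\d.]+:(\d+)")

LOG = """\
| www.dgz84.com/static/js/axios.js | 103.158.37.203 | 200 OK | 13 kB |
URL GET HTTP/1.1www.dgz84.com/static/js/axios.js IP103.158.37.203:80 ASN#142032 High Family Technology Co., Limited
File typeJavaScript source, ASCII text Hash1eb8e8e2284670dc214a3e70c25992b8 94ece417aa560aa8de906e8f54c0985da90364cc 96b65382c74cd6255d4628044c5394f2ef3f0662d7d72b10f1bceb50b6ee5455
GET /static/js/axios.js HTTP/1.1
Host: www.dgz84.com
HTTP/1.1 200 OK
Server: nginx
Strict-Transport-Security: max-age=31536000
|
| region1.analytics.google.com/g/collect?v=2&tid=G-WHWLPMHQCY&gtm=45je44h0v899422000z86189594za200&cid=1946699012.1713552981&dl=http%3A%2F%2Fwww.dgz84.com%2F&dt=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%82%A4%E3%82%AA%E3%83%B3%E3%82%AB%E3%83%BC%E3%83%89%E3%80%80%E6%9A%AE%E3%82%89%E3%81%97%E3%81%AE%E3%83%9E%E3%83%8D%E3%83%BC%E3%82%B5%E3%82%A4%E3%83%88&en=page_view | 216.239.32.36 | 204 No Content | 0 B |
URL POST HTTP/2region1.analytics.google.com/g/collect?v=2&tid=G-WHWLPMHQCY IP216.239.32.36:443
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Host: region1.analytics.google.com
Origin: http://www.dgz84.com
HTTP/2 204 No Content
|
| www.jpcsalarak9243.com/websocket/2e03a3b3a61971bd375aac43fcf616cd | 134.122.148.74 | 101 | 0 B |
URL GET HTTP/1.1www.jpcsalarak9243.com/websocket/2e03a3b3a61971bd375aac43fcf616cd IP134.122.148.74:443 ASN#64050 BGPNET Global ASN
Host: www.jpcsalarak9243.com
Origin: http://www.dgz84.com
Upgrade: websocket
HTTP/1.1 101
Upgrade: websocket
|
"""


def parse_records(log: str) -> list:
    """One dict per '| url | ip | status | size |' row, with the lines that follow it."""
    records = []
    for line in log.splitlines():
        m = ROW_RE.match(line)
        if m:
            url, ip, status, size = m.groups()
            records.append({"url": url, "host": url.split("/", 1)[0], "ip": ip,
                            "status": int(status), "size": size.strip(), "lines": []})
        elif records:
            records[-1]["lines"].append(line)
    return records


def analyze(log: str, page_host: str) -> dict:
    """Indicators plus findings: third-party hosts, GA pivots, WebSockets, HSTS on port 80."""
    out = {"hosts": set(), "ips": set(), "sha256": set(), "third_party": set(),
           "ga_measurement_ids": set(), "ga_page_titles": set(),
           "websocket_endpoints": [], "hsts_over_plaintext": []}
    for rec in parse_records(log):
        body = "\n".join(rec["lines"])
        out["hosts"].add(rec["host"])
        out["ips"].add(rec["ip"])
        if rec["host"] != page_host:
            out["third_party"].add(rec["host"])
        for digest in SHA256_RE.findall(body):
            if digest != SHA256_EMPTY:  # empty-input digests are not file indicators
                out["sha256"].add(digest)
        query = parse_qs(urlsplit("//" + rec["url"]).query)  # parse_qs percent-decodes
        out["ga_measurement_ids"].update(query.get("tid", []))
        out["ga_page_titles"].update(query.get("dt", []))
        port = PORT_RE.search(body)
        # RFC 6797: a UA must ignore Strict-Transport-Security on non-TLS responses.
        if port and port.group(1) == "80" and "Strict-Transport-Security:" in body:
            out["hsts_over_plaintext"].append(rec["url"])
        if re.search(r"^Upgrade:\s*websocket", body, re.M | re.I):
            origin = re.search(r"^Origin:\s*(\S+)", body, re.M)
            out["websocket_endpoints"].append(
                {"host": rec["host"], "origin": origin.group(1) if origin else None})
    return out


if __name__ == "__main__":
    for key, value in analyze(LOG, "www.dgz84.com").items():
        print(key, value)
```

Run against the full page the same way, the useful output is the set of third-party hosts (the WebSocket endpoint and the analytics property in particular), the non-empty SHA-256 values, and the decoded page title, which is what an analyst would put into a report; the HSTS finding is a reminder not to read that header as evidence of a TLS deployment when the record shows port 80.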